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(54) Software copying system 

(57) A software copying system which enables cop- 
yrighted software recorded in a master storage medium 
(1; 60) to be copied to a user's target storage medium 
(3; 40) in a legitimate manner. A contents identifier read- 
ing unit (2) reads out a software identifier (SlDi; DID) 
from the master storage medium (1 ; 60). while a storage 
medium identifier reading unit (4) reads out a storage 
medium identifier (IDk; Mid) from the target storage 
medium (3; 40). The two identifiers are then sent to a 
centra) site (5) which manages licenses for tlie rig^t to 
copy software products. At the central site (5)* a signa- 
ture generating unit (6) produces a first signature (CS) 
from those identifiers and s&ids it back to the user's 
site, where a signature wrrttng unit (7) writes the 
received signature into the target storage medium (3; 
40). A signature genvating/conrparing unit (8) pro- 
duces a second signature (CS") out of the same identifi- 
ers as those sent to the central site (5), and compares it 
with the first signature (CS) stored in the target storage 
medium (3; 40). A data copying unit (9) copies the sub- 
ject software data file from the nr^er storage medium 
(1; 60) to tiie target storage medium (3; 40). only when 
the first and second signatures (CS. CS*) coincide with 
each other. 
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Description 

BACKGROUIVfD OF THE INVENTION 

1 . Field of the Invention 

The present invention relates to software copying 
systems, and more specifically, to a sofhArare copying 
system which enatsles copyrighted software to be dupli- 
cated tn a user's storage medium in a legitimate man- 
ner. 

Dcsg wn or tf>e F^ei^^ed Art 

A ttOv variety ol M^tware distribution methods 
have tMu^nv m\ tecent years, and tiie con- 

sumers can piffchM« software products which are 
stored m somt norege rrtedia such as ftpppy disks, 
compact doc readonfy momories (CD-ROMs), and 
semiconductof memories They can also buy some soft- 
ware products toid m on-fcne shops by downbacfing via 
networks Mou of such convnerdal software products, 
however, can be opied irto otfier storage media easily. 
This means thai Ar# «iposed to the potential risk of 
itiegal duplication, or softMre piracy, which has become 
a serious problem tot copyr^hted software. 

As to the software d«trtxition methods for compu- 
ter applications, cftctionaries. audb and video data. etc.. 
one of the conventional methods is to distribute them in 
a CD-TOM that is electronically bcked by a protection 
key. When a user is interested in a certain software 
product, he/she makes contact with a central site that is 
dealing that product. The user then takes a necessary 
procedure to purchase it. and in turn receives a key per- 
taining to the product. By opening the protected soft- 
ware archive with that key, the user can finally install it 
into his/her systeia 

Another method of software distribution uses a wri- 
table storage medium that contains some license-^pe- 
cif ic identification information tiurned in advance* which 
information is managed at the central site for licensing 
the right to copy their software products. When trying to 
duplicate a software product recorded in a CD-ROM, a 
user or a retailer selling the storage media will send 
their request to the central site. After following some 
necessary procedures for purchasing that subject soft- 
ware product the requesting user or retailer receives 
identification information issued by the central site. The 
subject software product can be duplicated from the 
CD-f^M to the storage medium, only when the 
received kientification information coinckJes with the 
license-specific klentification inforntation recorded in 
the storage medium. 

But anyone can execute or make access to the soft- 
ware, once It is installed into his/her local storage device 
such as a hard drive. This simply means that the 
installed software still is a subject of illegal duplication 
due to the lack of key protectioa 

Further, in tiie aforementioned second method, the 



license-related kjentif ication trrfomnation should be con* 
trolled at the central site in close liaison with a factory 
where tiie storage media are manufactured. Another 
problem witti the storage media is tiiat it is required to 
5 handle two types of storage media in cfifferent ways for 
two distinct purposes: software copying and general 
use. 

SUMMARY OF THE INVENTION 

10 

Taigng the above into conskJeration. an object of 
ttie present invention is to provide a software editing 
system which enables copyrighted data recorded in a 
master storage medium to be copied in a legitimate 
IS manner to a target storage medium that a user can read 
and write to. 

To accomplish the above object, according to the 
present invention, there is provided a software co(^ing 
system for duplicating software recorded in a master 

20 storage medium to a target storage medium in a legiti- 
mate manner. An authorized coping process is 
achieved through communications between an end 
user'^ site that is requesting a license of copying tiie 
software product and a central site that manages the 

25 license. 

The software copying system comprises the follow- 
ing structural elements. Contents kJentifier reading 
means reads out a first identifier tiie master storage 
medium This first kJentifier is uniquely as^gned to the 

30 software product recorded in the master storage 
medium. Storage medium identifier reading means 
reads out a second ktentifier from the target storage 
medium. This second kientifier is unquely assigned to 
and recorded in tiie target storage medium. Signature 

35 generating means, which is disposed at the central site, 
generates a first signature from ^e first kJentifier read 
out by the contents kJentifier reading means and tire 
second kientifier read t}y tiie storage medium identifier 
reading means. This first signature serves as a certifi- 

40 cate of a license to copy the software product. Signature 
writing means writes tiie first signature generated by the 
signature generating means into the target storage 
medium. For a verrficatton purpose, signature generat- 
ing/conparing means generates a second signature 

45 from the first klentrf ier read out by the contents identifier 
reading meauis and the secorxi kientifier read out by the 
storage medium identifier reading means. The signa- 
tore generating/comparing means tiien compares the 
first eignatore stored in the target storage medium witii 

so the second signature. Data copying means retneves the 
software product out of the master storage medium and 
writes tiie software product into the target storage 
medium, when the first and second identifiers turned 
out to be klentical as a result of the comparison per- 

55 formed by the signature generating/domparing means. 
To accomplish the atx>ve object there is also pro- 
vided a software copying metiiod for duplicating soft- 
ware reoonjed in a master storage medium to a target 
storage medium in a legitimate manner. This software 
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copying method comprises the fbttowrng steps. 

First, a storage medium iderrtifia' uniquely assigned 
to the target storage medium and a contents identifier 
uniquely assigned to a sxjtoiocx data file are sent from an 
end user's site to a central site, together with a message s 
requesting a software license. Second, a first certificate 
code is generated at the central site from the storage 
medium identifier and the contents Identifier received 
from the end user ^e. This step is accomplished 
through a signature generating process using a certiTj- 
cation t«y that is managed at the central site. Third, an 
encrypted certification key is generated at the central 
site by encrypting the certification key using a user key. 
Fourth, the first certificate code and the encrypted certi- 
fication tey are sent from the cerrtral site to the end 
user's site. Fifth, the first certificate code and the 
encrypted certification key arrived at the end user's site 
from the central site is written into the target storage 
medium. Sixth, a decrypted certrficetion key is obitafned 
at the end user^ site by decrypting, using the user key, 
the encrypted certification key stored in the target stor- 
age medium. Seventh, a second certification code is 
generated, for the purpose of verification at the end 
user's site, by applying a signature generating process 
using the decrypted certtfication key to the storage 
medium klentif ier and the contents kJentif ier. Eighth, the 
first certificate code stored in the target storage medium 
is conripared with tiie second certifkxite code that is 
generated at the end user^ site, lastly, the subject data 
file stored in the master storage mecfium is read out and 
written into the target storage medium if the first and 
second certificate codes coincide with eadi other. 

The above and other objects, features and advan- 
tages of the present invention will become apparent 
from the followng description when taken in conjunction 
witti the accompanying drawings which illustrate a pre- 
fenred embodiment the present inverrtion by way of 
example. 

BRIEF DESCRIPTION OF THE DRAWirvfGS 

F13. 1 is a conceptual view of a software copying 
system accoiding to the present invention; 
FIG. 2 is a f k>wchart showing a software duplication 
process executed by a software copying system in 
a first embodiment of the present invention; 
FIG. 3(A) is a diagram showing the structure of a 
CD-ROM; 

FIG. 3(B) is a diagram showing ttie structure of an 
MO disc; 

FIG. 4 is a diagram shomr)g a procedure of dupli- 
cating copyrighted software; 
FIG. 5 is a diagram showing the structure of a typi- 
cal signature processor; 

FIG. 6 is a diagram showng a procedure of execut- 
ing a duplicated software program; 
FIG. 7 is a f kywchart showing a software duplication 
process executed by a software copying system in 
a second embodiment of the present invention; 
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FIG. 8 is a diagram showing a procedure at the cen- 
taalsite; 

FIG. 9 is a diagram showing a procedure at the end 
user's site; and 

FIQl 10 is a diagram sliowing a procedure of exe- 
cuting a duplicated software program. 

DESCRIPTION OF THE PREFERRED EMBODIMENT 

At the outset, the present invention will be outlined 
with reference to FIG. 1 . wNch shows a conceptual view 
of a software copying system according to the present 
invention. 

As seen in FIG. 1. the software copying system of 
tiie present invention comprises several elements 
described below. Contents identifier reading means 2 is 
a means for reading out a first identifier stored in a mas- 
ter storage noedium 1. This first identifier is uniquely 
assigned to each software product recorded in the mas- 
ter storage medium 1. Storage medium identifier read- 
ing means 4 reads out a second identifier stored in a 
target storage medium 3. This second identifier is 
uniquely assigned to the target storage medium 3. Sig- 
nature generating means 6, disposed at a central site 5 
that manages licerises for software oc^ying. g&ierates 
a first signature from the first and second kientiTiers 
read out by the contents identifier reading means 2 and 
storage medajm identifier reading means 4, respec- 
tively. The first signature serves as a certificate of a 
license to copy the software product Signature writing 
means 7 writes the first signature, which is generated by 
the signature generating means 6, into the target stor- 
age medium 3. Signature generating/comparing means 
8 produces a second signature from the first and sec- 
ond identifiers respectively read out by the contents 
kientifier reading means 2 and storage medium kienti- 
f ier reading means 4. The signature generating/compar- 
ing means 8 compares ttie first signature stored in tiie 
target storage medium 3 witti tiie second signature tiiat 
is produced. Data coping means 9 retrieves tiie subject 
software product out of the master storage medium 1 
and writes it into the target storage medium 3, when the 
first and second signatures turned out to be kientical as 
a result of the comparison performed by the signature 
generating/comparing means 8. 

The master storage medium 1 contains several 
commercial software products, to each of which a con- 
tents kientifier is written. The target storage medium 3 
has an individual storage medium identifier which is 
written at the factory before shipment When a user 
selects a software product from among tiiose in the 
master storage medium 1, the contents kientifier read- 
ing means 2 retrieves a contents identifier correspond- 
ing to the selected software product and then the 
storage medium identifier reading means 4 reads out a 
storage medium identifier recorded in the target storage 
medium 3. Those two identifiers are transmitted to tiie 
central site 5 together with a purchase order message 
to request a license to copy the subject software prod- 



15 



20 



25 



30 



3$ 



40 



45 



BO 



3 



BNSOOCID: <EP_0809ia44A?J_> 



5 



EP0809 244A2 



6 



uct At the central site 5. the signature generating 
means 6 receives the contents Identifier arxl storage 
medium identifcer and sends back to the user a signa- 
ture that is generated from the received identifiers. This 
signature autiiorizes the user as a licensee hamg the 
ric^ to cop/ the software product. Simultaneously with 
{he issue of the ^gnature. the user Is registered in a 
user profile database at the central srte 5. arti a biOlng 
process is also invoiced. 

At the user side, upon receipt of the signature sent 
from the signature generating means 6, the signature 
writing means 7 writes It into tiie target storage medium 
3. The ^nature generating/comparing means 8 tiien 
locally generates a ^gnature from the contents identifier 
retrieved by the contents identifier reading means 2 and 
the storage medium identitter retrieved by the storage 
medium identifier reading means 4. The signature gen- 
erating/comparing means 8 compares this signature 
witii ttie first-mentioned signature stored In the target 
storage medium 3. If the two dgnatures coincide with 
each other, tfie data copying means 9 retrieves the sub- 
ject software product, which is stored in encrypted fornt. 
from the master storage medium 1 and copies it into tiie 
target storage medium 3. The software now stored in 
the target storage medium 3. however^ is not ready for 
execution because it is stifl encrypted. The user has to 
load It to the main memory of a special processor which 
decodes and executes the encrypted softwara 

Next, a first embodiment of the present Invention 
will be described below with reference to FIGS. 2 to 6. 
The following explanation assumes such a case that a 
certain copyrighted software program distii}uted in a 
CD-ROM is to be copied into a magnetchoptical (MO) 
disc. 

FIG. 2 is aflowchart showing a software dupfication 
process performed by the software cop/ing system. To 
copy a program in a CD-ROM to an MO disc using the 
software copying system of the present invention, it is 
necessary to follow tiie steps of: 

[SI] The storage medium identifier tDk recorded in 
the MO disc and the software identifier SfDi of the 
subject software program are sent to the central 
site which manages license for software copying. 
[S2] This request for the software license is proc- 
essed at tiie cental site, where a certificate code 
CS is generated from the storage medium identifier 
IDk and software identifier SIDi received from the 
end user sSte. The central site then sends back the 
certificate code CS to ttie end user site. 
[S3] The certificate code CS arrived at tiie end 
user's ^e is written into a predetermined storage 
region in the MO disc. 

[S4] For a verification purpose, another certificate 
code CS' is generated locally at the end user's site. 
t>ased on tiie storage medium identifier IDk and 
software identifier SIDi, which were sent to the cen- 
tral sita 

[S5] The locally generated certificate code CS* is 



compared witii tiie other certificate code CS stored 
in the MO disc. 

[S6| According to the result of the comparison 
between CS and CS\ the process proceeds in dif- 
5 fereni ways. If tiie two certificate codes are found 
identical, the process goes to the next step S7. 0th- 
enwise, tiie process is terminated without copying 
tiie software program from the CD-ROM to the MO 
disc 

70 [S7] An encrypted software data file having tiie soft- 
ware identifier SIDi is copied from tiie CD-ROM to 
the prepared MO disc. 

FIGa 3(A) and 3(B) show the sti'ucture of records 

IS in a CD-ROM and an MO disc, respectively The struc- 
ture of a CD-ROM 11 is shown in FIG. 3(A). where a 
plurality of copyrighted software programs and a man- 
ager application program MA are recorded. The copy- 
righted software programs, stored in encrypted form. 

so have their respective software identifiers SIDi 
(/el ,2 ri). The manager application program MA gov- 
erns tiie operations to copy the copyrighted software 
programs from a CD-ROM to an MO disc. Upon request 
for software copying, this program vnll be loaded into 

25 and executed on a terminal station (ag.. a personal 
computer) located at tiie end user's That is, tiie 
manager application program MA is re^onsftde for tiie 
steps executed at the end user's site as part of tiie pro- 
cedure shown in FIG. 2. 

30 FIG. 3(B) is a diagram showing the record structure 
of the MO disc 12, where a storage medium identifier 

IDk {k=^ :2l m) is recorded. Alttiough nrx)st part of tiie 

MO disc 12 can be freely written and/or read by tiie end 
users, the storage medium identifier IDk is written in a 

35 special part of tiie disc that is not rewritable. This stor- 
age medium identilier IDk may b& a serial number 
which is assigned uniquely to each mecf um at the fac- 
tory before shpment. 

The following description will present a more 

40 detailed procedure of duplicating copyrighted software 
from a CD-BOM to an MO disc with reference to FIG. 4. 

FIG. 4 shows a software copying procedure, which 
is roughly divided into two parts: steps at tiie end user's 
site (tiie right half of FIG. 4) and steps at the central site 

45 (the left half of FIG. 4). At the end user's site, a temiinal 
station (e.g., a personal computer) performs actual data 
processing jobs pertaining to the software copying, 
while several de^nces located at the central site man- 
ages license for the software copying. TTiose two sites 

so are interconnected by a communication line or a deliv- 
ery channel. 

The terminal station at the end user's site is 
equipped with a CD-ROM drive and an MO drive (both 
not shown). The CD-ROM 1 1 . serving as a master stor- 
55 age medium that stores copyrighted software programs, 
IS inserted in the CD-ROM drive. On the ottier hand, the 
MO disc 12 serving as a target storage medium is 
loaded in the MO drive. The subject software program in 
tiie CD-ROM 11 has a software identifier SIDi, and tiie 
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MO disc 12 owns its unique storage medium identifier 
/D/f. 

First of all. at the end user^ terminal station, the 
manager application program AM in the CD-ROM 11 
starts with accepting a request from the end user for s 
copying a specific software program. Upon this request, 
the manager application program MA reads out the cor- 
responding software Identffier SIDi from the CD-ROM 

11 as well as extracting the storage medium identifier 
iDk from the MO disc 1 2. Those two identifiers are then w 
sent to the software license center along with a request 
message containing infonnalion necessary for a soft- 
ware license. 

The central site recerves the above-described 
request from the user and saves the contents of the 75 
request into a user profile database 13. The received 
software identifier SIDi and storage medum identifier 
IDk are supplied to a signature processor 14, where the 
identifiers SIDi and IDk are compressed into a certifi- 
cate code CS. In this compression process, a certifica- 20 
tim key KEYc operates as a private key (or secret key). 
The produced certificate code CS will serve as what is 
referred to as the "signature" jn FIG. 1 . The certrftcation 
key KEYc used lay the signature processor 14 is then 
directed to an encryption unit 1 5 to be enaypted with a ss 
user key KU, thus producing a dphertext EKU(KEYc), 
The certificate code CS generated by the signature 
processor 14 and the qphertext EKUfKEYc) generated 
by the encryption unit 15 are finally transmitted together 
with the central site identifier IDc to the end user's site so 
as a re^)onse to the request from the end user. 

At the end user^ site, the terminal station extracts 
the certificate code CS and dphertext EKU(KEYc) from 
among the information received from the central site 
and writes them into the target MO disc 12. The certifi- ss 
cate code CS and ciphertext EKU(KEYc) recorded in 
the MO disc 12 are retrieved arxJ sent to the manager 
application program. 

Then, in the terminal station, a signature verifica- 
tion process starts. Rrst. a decryption unit 16 decodes 40 
the ciphertext EKU(KEYc) using the user key KU and 
extracts the certification key KEYc, which was once 
encrypted at tiie central she. Out of the software identi- 
fier SIDi retrieved from the CD-ROM 1 1 and the storage 
medium identifier IDk retrieved from the MO disc 12. a 45 
signature processor 1 7 generates a certificate code CS* 
for verification at the end users ^e. The certification 
key KEYc decrypted by the decryption unit 1 6 is used in 
this CS' generation process. Then, a comparator 18 
compares ttte certificate code CS written in the MO disc so 

1 2 and the certificate code CS' generated by the signa- 
ture processor 17. if the comparison result indicates 
coincklence of the two codes CS and CS\ a switch 19 
will enable the software program having the software 
identifier SIDi to be written into the target MO disc 1 2 in ss 
the form of encrypted data. 

The folkiwing description will present a typical func- 
tion achieved by the signature processor 14 at the cen- 
tral site and the signature processor 1 7 at the end user's 



ate. 

FIG. 5 illustrates the structure of the signature proc- 
essor, which consists of an exclusive OR logic 21 and 
an encryption unit 22. The exclusive OR logic 21 per- 
fonms an exclusive OR operation on a software identifier 
SIDi, storage medium identifier IDk and certif k;ate code 
CS. The encryption unit 22 encrypts the output of ttie 
exclusive OR togk: 21 witii the certification key KEYc to 
produce the certificate code CS. Those two elements 

21 and 22 thus constitutes a hash function operator. 

In a bIock-by-bk)ck manner, the encryption unit 22 
encrypts tfie software identifier SIDi and storage 
medium identifier IDk with the certification key KEYc. 
The encrypted output data is fed back to the input of the 
exclusive OR logic 21 and directed to the exclude OR 
operation witii tiie next block data. The output of the 
exclusive OR logic 21 is then encrypted by the encryp- 
tion unit 22 again. The above operations are repeated 
until the final block is entered, and the result of this 
cyclic corrputation will come out of the encryption unit 

22 as a certificate code CS when the encryption of the 
final block is finished. 

The licensed software program is copied to the MO 
disc 12 in the way descrbed above, fcxit tiie end user 
cannot run it as is, because the program is still 
encrypted. The following description will explain how it 
will be executed. 

FIG 6 shows a procedure of executing a duplicated 
software program. The MO disc 12 contains the certifi- 
cate code CS, ciphertext EKU(KEYc), storage medium 
Identifier iDk, and software identifier SIDi, as well as 
storing the duplicated software in the form of encrypted 
data EKd(DATA), This encrypted data EKd(DATA) was 
encrypted wrtii a key before tiie software was 
stamped to the CD-ROM. and tiie encryption key Kd is 
under the management of tiie manage application pro- 
gram. 

The terminal station at tiie end user's site first 
retrieves from tiie MO disc 12 tiie certificate code CS, 
ciphertext EKU(KEYc), storage medium identifier IDk, 
and software identifier SIDi. The decryption unit 16 
decrypts the dphertext EKU(KEYc) with the user key 
Ku, thereby extracting tiie certification key KEYc. Then 
the signature processor 17 generates another certifi- 
cate code CS' from the software identifier SIDi and stor- 
age medium identifier IDk retiieved torn ttie MO disc 
12. using the certification key KEYc decrypted by tiie 
decryption unit 16. Subsequentiy, tiie comparator 18 
compares the certificate codes CS and CS'. If the com- 
parison indicates coincidence of the two codes CS and 
CS\ the switch 19 will allow an encrypted data file 
EKd(DATA) containing the enwypted software program 
to pass through to a decryption unit 25. The decryption 
unit 25 decrypts the encrypted data file EKd(DATA) 
using the key Kd that is owned by the manager applica- 
tion program, thus restoring tiie original plaintext data 
file DATA. The contents of this decrypted data f De DATA 
can be executed by tiie central processing unit (CPU) 
after being loaded to the memory, both of which are part 
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of a CPU/memory urot 26 in the terrranal station. 

Next, a second emtxxiiment of the present inven- 
tion win be described below wrth reference to FIGS. 7 to 
10. In the second embodiment, each software program 
recorded in a CD-ROM has a software identifier DiD 
uniquely assigned ^ereto^ and its conrespondfng data 
file Data is stored as an encrypted data file EKd(Data). 
This encrypted data f Oe EKd(DATA) has been aeated 
with a master medium conversion Ka generated 
from the software identifier D!D and a master key KM, 
which is managed at a software license center. The soft- 
ware license center is in charge of licensing of the right 
to copy their commercial software products. Regarding 
the target storage media, the user's MO disc has a 
serial nuntt)er serving as a storage medium identifier 
Mid, 

RG. 7 is a flowchart showing a software duplication 
process performed under the above assumption by the 
software copying system of the secorxd enrbodiment 

To obtain a copy of a software program distnlauted 
in a CD-ROM, it is necessary to go through the following 
seven steps: 

IS11] The storage medium identifier Mid recorded 
in the target MO disc and the software identifier 
DID of the subject software program in the CD- 
ROM are sent from tiie end user's site to the soft- 
ware license center, which controls tiie license to 
COK^ tiie software products. 
[S12] At the software license center, it is tested 
whether tiie software identifier DID is registered 
therein or not. 

[S13] The storage medium identifier Mid and soft- 
ware identifier DID are encrypted wntti the master 
1^ KM nranaged in the software license center, 
thus generating a storage medium conversion Key 
Ku and master medium conversion key Ka, respec- 
tively. 

IS14] A dphertert EMid{Ku,Ka) is generated by 
encrypting tttose storage medium and master 
medium conversion keys KuandKa using the stor- 
age medium identifier Mid, The dphertext 
EMid(Ku,Ka) is sent to tiie end user's site as a 
response message to tiie request. 
[Sl5] The end user's site obtains the storage 
medium conversion key Ku and master medium 
conversion key Ka t>y decrypting the received 
ciphertext EMid(Ku,Ka) witti the storage medium 
klentifier Mid, while storing a dpherteict EMid(Ku), 
i.e., MO disc-related part of the dphertext 
EMid(Ku,Ka}, wrtiiout attempting decryption. 
[S16] With the master medium conversion key Ka 
ctoined in step Si 5, the encrypted data fSe 
EKd(Data) in the CD-ROM which corresponds to 
the software identifier DID is decrypted to restore 
the ortgina] plaintext data file Data. 
[SI 7] The plaintext data file Data is encrypted 
again with the storage medium conversion key Ku 
obtained in step S15. and the encrypted data file is 



stored into the MO disc, tiius finalizing the software 
duplication process. 

The above-descrbed software duplication proce- 

5 dure wll b^ discussed in more detail below. In tiie sec- 
ond embodiment of the present Invention, the 
procedure starts at the end user's site with sending a 
request to the software license center, which part of the 
procedure consists of only two things as follows. One is 

10 to read out tiie storage medium identifier Mid ol the tar- 
get MO disc and the software identifier DID of tiie sut>- 
ject software stored in tiie CD-ROM, and tiie other is to 
send these klentifiers Mid and DID to tiie software 
license center. The following description skips those two 

15 ^eps and will begin witii the steps executed by the soft- 
ware license center which has received tiie above 
request from tiie end user^ site. 

FIG. 8 explains tiie procedure executed at the soft- 
ware license center. Upon receipt of the two kJentif iere, 

20 Mid and DID, from tiie end user's site through a com- 
munications line, the software license center fonvards 
the storage medium Identifier Mid to an encryption urdt 
31 having tiie master key KM under tiie control of tiie 
center, as well as supplying Uie software identifier DID 

25 to a comparator 32. The encryption unit 31 encrypts tiie 
storage medium identifier Mid using tiie nriaster key KM 
to produce a storage medium conversion key Ku, The 
comparator 32. on tiie ottier hand, searches a contents 
identifier file 33. comparing each entry witii the received 

30 software identifier DID to verify its validity. If tiie 
received software identifier DID coinddes with tiie one 
registered in tiie contents identifier file 33. the compara- 
tor 32 closes a switch 34. thus allowing the software 
identifier DID to enter to an encryption unit 35 having 

35 tiie master key KM. The encryption unit 35 encrypts tiie 
software kientif ier DID with the master key KM to create 
a master medium conversion key Ka. The storage 
medium conversbn key Ku produced by the encryption 
urtit 31 and the master medium conversion key Ka pro- 

40 duced by the encryption unit 35 are then entered to an 
encryption unit 36 for furttier encryption using the stor- 
age medium identifier Mid, A c^hertext EMid(Ku»Ka) 
produced Isy tiie encryption unit 36 is transferred to tiie 
requesting end user through the communications line. 

45 Upon compl^on of the above procesang steps, a 
request for billing is issued to the user profile datat>ase 
37 and tiie cost is charged to the requesting end user. 

FIG. 9 explains tiie procedure at the end user's site 
after the above<ie6cribed process is finished at tiie soft- 

50 ware license center The dphertext EMid(Ku,Ka) 
received from the software license center is applied to a 
decryption unit 51. while a c'qphertext EMid(Ku) as part 
of the received ciphertext EMid(Ku,Ka) is written into a 
predetemnined region 41 in the target MO disc 40. The 

55 decryption unit 51 decrypts the dphertext EMid(l^,Ka) 
using the storage medium identifier Mid extracted from 
the MO disc 40. thus restoring the original storage 
medium conversion key Ku and master medium conver- 
sion key Ka. This restored master medium conversion 
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key Ka is then entered to a decryption unit 52 as its 
decryption K^, while the restored storage medium con- 
version key Ku is entered to an mcryption unit 53 as its 
encryption key. The decryption unit 52 retrieves the 
encrypted data file EKa(Data) that corresponds to the 
software identifier DID in the CD-ROIM 60 and deaypts 
tt unth the master medium conversion key Ka. thus 
restoring the original plaintext data file Data. This data 
file Data is encrypted again by the encryption unit 53 
with the storage medium oonvenson key Ku, and the 
resultant ciphertext EHu(Data) is written into the target 
MO disc 40, 

in ttie way described above, the ciphertext 
EKufData) is written into ttie MO disc 40 through the 
process using two conversion keys derived from a 
unque identifier recorded In the MO disc 40 and a mas- 
ter key under the control of the software license center. 
Next, a procedure to execute this encrypted data file 
EKu(Data} will be described below. 

Fta 10 illustrates a procedure of executing the soft- 
ware program that is diipHcated as a data f Ue in ttie MO 
disc 40. The dphertext EMid(Ku} is stored in a section 
41 as part of ttie rewritable region in ttie MO disc 40, 
while the storage medium identifier Mid is recorded in a 
non-rewritable region 42. The encrypsted data file 
EKu(Data) is stored in a section in the remaining rewri- 
table region. When tiie program in the encrypted data 
file EKu(Data} called up for execution, ttie storage 
medium identifier Mid and dphertext EMid(Ku) are 
retrieved from the MO disc 40 and entered to a decryp- 
tion unit 54. Using the storage medium identifier Mid as 
the decryption key, the decryption unit 54 decrypts the 
ciphertext EMid(Ku) to restore the storage medium con- 
version key Ku. Anothw decryption unit 55 ttien 
decrypts ttie encrypted data file EKu(Data) retrieved 
from ttie MO disc 40, using the storage medium conver- 
sion key Ku as the decryption key. The resultant plain- 
text data file Data will be executed after being loaded to 
the main memory of a personal computer that is work- 
ing as tiie end user's temninal station. 

The above discussion will be summarized as fol- 
lows. According to the present Invention, the software 
copying system conprises agnature generating means, 
disposed at the central site, for generating a signature 
from information ttiat identifies ttie target storage 
medium and subject data stored in ttie master medium. 
The system also comprises, at the end user*s site, sig- 
nature writing means for writing the signature generated 
by the signature generating means into the target stor- 
age medium, signature generating/comparing means 
for comparing a signature ttiat is locally generated at the 
end user's site with ttie signature written in ttie target 
storage medium, and data coping means for copying 
ttie sutjject program to the target storage medium 
according to tiie result of comparison. Therefore, the 
central site only has to issue a signature associated witti 
ttie identifier of the target storage medium, and there is 
no need to manage any license-specific information in 
dose licuson witti factories of the storage medium man- 



ufocturers. This also eliminates the stock conto'oi in ttie 
manufacturers and retailers for ttie storage media to be 
used in software copying. 

The foregoing is considered as illustrative only of 

5 the -prindples of the present invention. Further, since 
numerous modifications and changes will readily occur 
to ttiose skilled in ttte art. it is not desired to limit ttie 
invention to the exact construction and applications 
shown and described, and accordingly, all suitable mod- 

10 ifications and equivalents may be regarded as falling 
within the scope of ttie invention in ttie appended claims 
and their equivalents. 

Claims 

IS 

1 . A software copying system for duplicating software 
recorded in a master storage medium (1 ) to a target 
storage medium (3) in a legitimate manner 
achieved through communications between an end 
20 user's site that is requesting a license of copying 
ttie software and a central site (5) that manages ttie 
license, the software copying system conrprising: 

contents identifier reading means (2) for read- 
25 ing out a first identifier (SIDi) from the master 

storage medium (1). said first identifiers (SIDi) 
being uniquely assigned to the software pro- 
gram recorded in tiie master storage medium 

(1) : 

30 Storage medium identifier reading means (4] 

for reading out a second identifier (IDl^ from 
the target storage medium (3). the second 
identifier (IDk) being uniquely assigned to ttie 
target storage medium (3); 

35 signature generating means (6). disposed at 

tiie central site (5), for generating a first signa- 
ture from ttie first identifier (SIDi) read out by 
said contents identifier reading means (2) and 
ttie second identifier (IDI^ read out by said stor- 

40 age medium identifier reading means (4), ttie 

first signature serving as a certificate of a 
license to copy the software program; 
signature writing means (7) for writing the first 
signature generated by said signature generat- 

45 ing means (6) into ttie target storage medium 

(3) : 

signature generating/comparing means (8) for 
generating a second signature, for a verifica- 
tion purpose, from ttie first identifier (SIDi) read 
so out by said contents identifier reading means 

(2) and ttie second identifier (IDk) read out by 
said storage medium identifier reading means 

(4) . and comparing ttie first signature stored in 
the target storage medium (3) with ttie second 

55 signature; and 

data copying means (9) for retrieving ttie soft- 
ware program out of the master storage 
medium (1) and writing the software program 
into the target storage medium (3), when ttte 
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first and seoond identifiers turned out to be 
identical as a result of the oonparison per- 
formed by said signature generating/compar- 
ing means (8). 

^ A software copying system acoording to claim 1, 
wherein said signature generating means (6) com- 
prises 



3. A software copying system according 1o claim 2, 2S 
wherein said signature generating/comparing 
mearts (8) comprises 



4. A software copying m^hod for duplicating software 
recorded in a master storage medium (1 ) to a target so 
storage medium (3) in a legitinnate manner 
achieved through communications between an end 
user's site that is requesting a license to copy the 
software and a central ^e (5) that manages the 
license, the software copying method comprising ss 
the steps of: 

sending from the end user*s site to tiie central 
site a storage medium identifier (IDI^ that is 



uniquely assigned to the target storage 
medium (3) and a contents identifier (SIDi) that 
is uniquely assigned to a subject data file, 
together with a message requesting a software 
license: 

generating at the central site (5) a first certifi- 
cate code (CS) from the storage medium iden- 
tifier (IDk) and the contents identifier (SIDi) 
received from tiie end user site, through a ^g- 
nature generating process using a certification 
key (KEYc) that is managed at the central site 
(5): 

generating at the central site (5) an encrypted 
certifcation key (EKU(KEYc)) by enaypting 
the certification key (KEYc) using a user 1^ 
(KU); 

sending from the central site (5) to tiie end 
user's site the first certificate code (CS) and tiie 
encrypted certification key (EKU(KEYc)); 
writing at the end user*s site tiie first certificate 
code (CS) and ttie encrypted certification key 
(EKU(KEYc)) received from the central site (5) 
into the target storage medium (3); 
obtaining at the end user's site a decrypted cer- 
ttftcation key (KEYc) by decrypting the 
encrypted certification key (EKU(KEYc)), 
which is stored in the target storage medium 
(3). using tiie user key (KU); 
generating at the end user's site a second cer- 
tification code (CS*) for a verification purpose 
by applying a signature generating process 
using the decrypted certification key (KEYc) to 
the storage medium klentifier (IDk) and the 
contents klentifier (SIDi); 
coiT^ing the first certificate code (CS) stored 
in the target storage medium (3) with the sec- 
ond certificate code (CS') tiiat is generated at 
the end user's site; and 

reading out the subject data file stored in tiie 
master storage medium (1) and writing tiie sub- 
ject data file into the target storage medium (3) 
if the first and second certificate codes 
(CS,C8*} coincide with each other, 

A software copying system for duplicating software 
recorded in a master storage medium (60) to a tar- 
get storage medium (40) in a legitimate manner 
achieved tiirough communications between an end 
user's site that is requesting a license to copy the 
software and a central site (5) that manages the 
license, the software copying system comprising: 

contents kientifier reading means (2) for read- 
ing a first kientifier (DID) uniquely assigned to a 
software product, which are both recorded in 
the master storage medium (60); 
storage medium kientifier reading means (4) 
for reading a second kientifier (Mid) unk^uely 
assigned to ti^e target storage medium (40) 



signature proofing means (1 4) for encrypting io 
ttie first kfentifler (SIDi) read by said contents 
kientifier reading means (2) and the second 
kientifier (IDk) read by said storage medium 
kientifier readng means (4) using a certifica- 
tion key (KEYc) managed atthe central site (5), is 
to produce a certificate code (CS) that serves 
as the first signature, arxJ 
encrypting means (15) for encrypting the certi- 
fication k^ (KEYc) using a user key (KU) reg- 
istered at tiie cenbal site (5), and sencfing tiie 20 
encrypted certification key (EKU (KEYc)) for 
use In said signature generating/conrparing 
means (8) to generate the second signature 



decrypting means (16) for decrypting the 
encrypted certification key (EKU(KEYc)} using so 
tiie user key (KU), which is registered at the 
central site (5), to produce a decrypted certifi- 
cation hey, 

certificate code generating means (17) for gen- 
erating another certificate code (CS*) for verifi- ss 
cation, which mil sen^e as the second 
signature, by encrypting the first identifier 
(SIDi) read said contents identifier reading 
nrteans (2) and tiie seoond identifier (IDi^ read 
by said storage medium kientrfier reading 4o 
means (4) using tiie decrypted certificatton key 
(KEYc). and 

comparing means (1 8) for comparing the certif- 
icate code (CS*) for verification generated by 
saki certificate code generating means (1^ 4S 5. 
with the certificate code (CS) stored as the first 
signature in the target storage medium (3). 
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and recorded therein; 
oonversion key generating means (31. 35. 36). 
disposed at the central site (5). for generating a 
storage medium conversion key (Ku) from the 
second identifier (Mid) read by said contents s 
identifier reading means (2), generating a mas- 
ter medium conversion key (Ka) from the first 
identifier (DID) read by said storage medium 
klentifier reading means (4). and generating an 
encrypted storage medium conversion key to 
(EMid(Ku)) and an encrpyted master medium 
conversion key (EMid(Ka)) by respectively 
encrypting the storage medium conversion key 
(Ku) arKj the master medium conversion key 
(Ka) using the seond identifier (Mid); is 
conversion key writing means for writing the 
encrypted storage medium conversion key 
(EMid(Ku)) generated by said conversbn key 
generating means (31 , 36) into the target stor- 
age medium (40); 20 
conversion key decrypting means (51) for gen- 
erating a decrypted storage medium conver- 
sion key (Ku) and a decrypted master medium 
conversion key (Ka) by respectively decrypting, 
using the second identifier (Mid) read by said 25 
storage medium identifier means (4). the 
encrypted storage medium conversion key 
(EMid(Ku)) and the encrypted nmster medium 
conversion key (EMid(Ka)) generated by said 
conversion key g&ierating means (31 . 35, 36); 30 
data decrypting means (52) for reading out the 
target data file (EKa(Data)) recorded in the 
master storage medium (60) and producing a 
plaintejct data file (Data) by decrypting tiie tar- 
get data file (EKapata)) using the decrypted 35 
master medium conversion key (Ka) generated 
by said oonversion key decrypting means (51); 
arKf 

data writing means (53) for producing an 
encrypted data file (EKu(Data)) by encrypting 40 
tiie plaintext data fOe (Data) using the 
decrypted storage medium conversion key (Ku) 
generated by said conversion key decrypting 
means (51) and writing the encrypted data file 
(EKu(Data)) into tiie target storage medium 45 
(40). 

6. A software copying system according to daim 5. 
wherein eaki conversion key generating means (31 . 
35, 36) comprises so 

first encrypting means (31) for generating the 
storage medium conversion key (Ku) by 
encrypting the second identifier (Mid) read out 
by said contents identifier reading means (2), ss 
using a master key (KM) that is managed at the 
central site (5): 

second encrypting means (35) for producing 
the master medium conver^on key (Ka) by 



encrypting the first identifier (DID) read out by 
said storage medium identifier reading means 
(4), using the master k^ (KM); and 
third encrypting means (36) for produdng the 
encrypted storage medium conversion key 
(EMid(Ku)) and the encrypted master medium 
conversion key (EMid(Ka)) by encrypting tiie 
storage medium conversion key (Ku) and the 
master medium conversion key (Ka) using tiie 
second identifier (Mid) read out by said con- 
tents identifier reading means (2). 

7. A software copying system for duplicating a subject 
data file recorded in a master storage medium (60) 
to a target storage medium (40), the subject data 
f3e being encrypted with a master medium conver- 
sion key (Ka) produced from a contents identifier 
(DID) to identify software products and a master 
key (KM) managed at a central site (5) which deals 
licenses to copy software products, the software 
copying system comprising the steps of: 

sending from the end user's site to the central 
site (5) a contents identifier (DID) that is 
uniquely assigned to the subject data file and a 
storage medium identifier (Mid) ttat ts uniquely 
assigned to the target storage medium (40); 
producing at the central site (5) a master 
medium conversion key (Ka) and a storage 
medium conversion key (Ku) by respectively 
encrypting tiie contents identifier (DID) and the 
storage medium identiTier (Mid) using a master 
key (KM) managed at tiie central site (5); 
generating an encrypted storage medium con- 
version key (EMid(Kdi)) and an encrypted mas- 
ter medium conversion key (EMid(Ka)) by 
respectively encrypting the storage medium 
conversion key (Ku) and tiie master medium 
conversion key (Ka) using the storage medium 
identifier (Mid); 

sending from the central site (5) to the end 
user's site the encrypted master medium con- 
version key (EMtd(Ka)) and the encrypted stor- 
age medium conversion key (EMid(Ku)); 
writing the encrypted storage medium conver- 
sion key (EMid(Ku)) into the target storage 
medium (60); 

generating a decrypted storage medium con- 
version key (Ku) and a decrypted master 
medium conversion key (Ka) by respectively 
decrypting the encrypted storage medium con- 
version key (EMid(Ku)) and the encrypted mas- 
ter medium conversion key (EMid(Ka)) using 
tiie storage medium klentifier (Mid); 
decrypting the subject data file (EKa(Data)) 
recorded in the master storage mecfium (40) to 
produce a plaintext data file (Data) by decrypt- 
ing the target data file (EKa(Data)) using tiie 
decrypted master medium conversion key (Ka); 
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producing an encrypted data file (EKu(Data)) 
by encrypting the plaintext data file (Data) 
using the decrypted storage medium conver- 
sion key (Ku); end 

writing the encrypted data f9e (EKu(Data)) into 5 
the target storage medium (60). 
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(54) Software copying system 

(57) A software copying system whicfi enables cop- 
yrighted software recorded in a master storage medium 
(1: 60) to be copied to a user's target storage medium 
(3; 40) in a legitimate manner. A contents identifier read* 
ing unit (2) reads out a software identifier [SlDi; DID) 
from the master storage medium (1 ; 60), while a storage 
medium identifier reading unit (4) reads out a storage 
medium identifier (IDk; Mid) from the target storage 
medium (3; 40). The two identifiers are then sent to a 
central site (5) which manages licenses for the right to 
copy software products. Al the central site {Sj, a signa- 
ture generating unit (6) produces a first signature (CS) 
from tiiose identifiers and sends it back to the user's 
site, where a signature writing unit (7) writes the 
received signature into the target storage medium (3; 
40). A agnature generating/comparing unit (8) pro- 
duces a second signature (CS*) out of the same kientif i- 
ers as those sem to the central site (5), and compares it 
with the first signature (CS) stored in the target storage 
medium (3; 40). A data cop/ing unit (9) copies the sub- 
ject software data file from the master storage medium 
(1 ; 60) to the target storage medium (3; 40), only when 
the first and second signatures (CS, CS") coincide with 
each other. 
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